The Browser Exploitation Framework Project

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving to…

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and …

It's a Docker Environment for Pentesting which having all the required tool for VAPT.

A blind XSS detection and XSS data capture framework

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

Web CTF CheatSheet 🐈

A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials

bWAPP latest modified for PHP7 bundled with Docker container

OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.

A next-generation crawling and spidering framework.

Powershell tool to automate Active Directory enumeration.

🔧 terminal client for GoTTY

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A tool to scan Kubernetes cluster for risky permissions

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Craft engaging XSS challenges effortlessly with CTF-XSS-BOT. This template simplifies setting up an environment for Capture The Flag competitions. Simulate admin actions using Puppeteer and control…

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

eBPF-based Security Observability and Runtime Enforcement

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

Provides a simple way to run Selenium Grid with Chrome, Firefox, and Edge using Docker, making it easier to perform browser automation

Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments

bootstrap K3s over SSH in < 60s 🚀

Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification

Privilege Escalation Enumeration Script for Windows

A repository of curated datasets from various attacks

Chrome Headless docker images built upon alpine official image